Search This Blog

Tuesday, June 21, 2011

Wifi Devices

Types of Attacks on Wireless Environment 

Denial of Service Attack

Denial of Service Attack aims at preventing the users from accessing the network resources. In a Wireless network, denial of service attack can be applied in various ways.

How the attack occurs in Wifi Environment ?

At the physical layer of  TCP/IP Model, denial of service attack can be implemented by introducing a device which will generate noise in the same frequency band in which wireless accesspoint is operating. This makes the users who are trying to connect to the accesspoint may not be able to connect to it.
 Also the other possibility of Denial of service Attack is spoofing the accesspoint. Normally wireless clients connect to the wired network with the help of an accespoint. For  associating with the accesspoint they require SSID of it. When an unauthorised user places an accesspoint with the same SSID, then there is a chance of  authorised user getting associated with the attackers accesspoint. If that happens, the attacker will try to collect sufficient number of  packets from the wireless client and cracks the WEP key used by the legitimate accesspoint. Then the attacker gets associated with the legitimate accesspoint and generates large ping requests in the network or generate  some abnormal traffic, which may finally result in Denial of Service Attack.

Man-In-Middle Attack in Wifi Devices

Performing Man-In-Middle Attack in a wireless network is much easier, when compared to wired network. As the transmissons from an accesspoint is broadcasted, it is easy for an unauthorised user to collect the traffic sent by other wireless clients. And the process of collecting the packets in this manner is known as Eavesdropping. Also the third party user can manipulate the packets sent to the legitimate users which results in breaking the users privacy.
So In order to avoid these kind of attacks, Strong encryption should be used for transmitting the data between wireless client and accesspoint.

WarDriving

It is a process of tracking Wi-Fi hotspots located at a particular place, while moving with a hand held device or a laptop in a vehicle. This helps the user in finding out the accesspoints that doesnot use encryption and takes control over it for performing the attacks on the network.

Tips for securing Wireless Communications

Always use the maximum key size supported by accesspoint for encryption

  • If the keysize is large enough, then it takes more time to crack the key by the hacker. Also it is recommneded to change the encryption key frequently so that it makes difficult for the cracker to break the encryption key.

Isolate the wireless network from wired network with a firewall and a antivirus gateway.

  • Do not connect the accesspoint directly to the wired network. As there is a chance of comprimised wireless client inturn effecting the systems in the wired network, a firewall  and an antivirus gateway should be placed between the accespoint and the wired network.

Use VPN or IPSEC for protecting communication

  • When the information flowing from wireless client to the wired network receiver is critical, then it is recommended to use VPN or IPSEC based communication so that the information is protected from sniffers in the network.

Always maintain a updated firmware

  • Updating the firmware of  accesspoint is recommended, as it will reduce the number of security loop holes in the accesspoint.

Restrict access to the accesspoint based on MAC address

  • In order to allow authorised users to connect to the accesspoint, wireless clients  should be provided access based on MAC address.

Do not maintain factory default settings for an accesspoint                

  • Most of the users do not change the default passwords while configuring the accesspoint. But it is recommended to keep a strong  password,  as this default password information can be known from product manufacturers. 

Do not  make the SSID information public    

  • SSID information is used to identify a accesspoint in the network and also the wireless clients connect to the network using this information. Hence, in order to allow authorised users to connect to the network, the information should not be provided in public. 

Disable DHCP service                      

  • When the number of users accessing the accesspoint are less, it is recommended to disable the DHCP service. As this may make the attackers easy, to connect to the network once they get associated with the accesspoint.

Add To Google BookmarksStumble ThisFav This With TechnoratiAdd To Del.icio.usDigg ThisAdd To RedditTwit ThisAdd To FacebookAdd To Yahoo

0 comments:

Post a Comment